<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: blog_comments.php 135 2013-09-22 07:30:55Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 135 $
* 	zuletzt geändert von:	$Author: siekiera $
* 	Datum:					$Date: 2013-09-22 07:30:55 +0000 (Sun, 22 Sep 2013) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */

$module_smarty = new Smarty();
$module_smarty->assign('tpl_path', 'templates/'.CURRENT_TEMPLATE.'/');

$success = false;
$info_message = '';

if($_GET['action'] == 'save') {
	$error = false;

	$user_name = $_POST['user_name'];
	$text = $_POST['text'];

	if(($_POST['security_code'] != $_SESSION['security_code_blog']) || (!empty($_SESSION['security_code_blog']) && empty($_POST['security_code']))) {
		$error = true;
		$message_stack->add('Der Captcha Code ist falsch.', 'error');
	}
	
	if(empty($user_name)) {
		$error = true;
		$message_stack->add('Der Name darf nicht leer bleiben.', 'error');
	}

	if(empty($text)) {
		$error = true;
		$message_stack->add('Geben Sie einen Kommentar ein.', 'error');
	}
	
	if(!$error) {
		$db->db_query("INSERT INTO 
							".TABLE_BLOG_COMMENT." 
							(blog_id, name, text, date, customers_status) 
						VALUES 
							('".$_GET['blog_item']."', '".$user_name."', ".$db->db_prepare(addslashes($text)).", NOW(), '".$_SESSION['customers_status']['customers_status_id']."') ");
		$last_comment = $db->db_insert_id();
		
		if(BLOG_INFO_OF_COMMENT == 'true') {
			$html = 'In Ihrem Blog wurde ein neuer Beitrag geschrieben: <a href="'.href_link('blog.php', 'blog_item='.$_GET['blog_item']).'#com'.$last_comment.'">zum neuen Eintrag</a>';
			$text = 'Das ist der neue Kommentar: '.href_link('blog.php', 'blog_item='.$_GET['blog_item']).'#com'.$last_comment;

			php_mail(EMAIL_FROM,
					STORE_OWNER,
					STORE_OWNER_EMAIL_ADDRESS,
					STORE_OWNER,
					'',
					'',
					'',
					'',
					'',
					'Es wurde ein neuer Kommentar geschrieben',
					$html,
					$text);
		}
		unset($_SESSION['captcha']);
		unset($_SESSION['security_code_blog']);
		$message_stack->add_session('Ihr Kommentar wurde gespeichert.', 'success');
		redirect(href_link(FILENAME_BLOG, 'blog_item='.$_GET['blog_item']).'#com'.$last_comment);
	}
}

$sql = "SELECT
			id,
			name,
			text,
			DATE_FORMAT(date, '%d.%m.%Y um %H:%i Uhr') AS date,
			customers_status
		FROM
			".TABLE_BLOG_COMMENT."
		WHERE
			blog_id = '".$_GET['blog_item']."'
		ORDER BY
			date ASC";
			
$sql_comments = new page_break($sql, $_GET['page'], 10, 'blog.php');

if($sql_comments->result) {

	$comments = array();
	
	$i = 1;
	$getComments = $sql_comments->sql_string;
	while(!$getComments->EOF) {

		if($getComments->fields['customers_status'] == 0)
			$status = ' admin_comment';
		else
			$status = '';

		$comments[] = array('NR' => $i,
							'ID' => $getComments->fields['id'],
							'NAME' => $getComments->fields['name'],
							'TEXT' => nl2br($getComments->fields['text']),
							'DATE_ADDED' => $getComments->fields['date'],
							'STATUS' => $status);
		$i++;
		$getComments->MoveNext();
	}

	$module_smarty->assign('COMMENT', $comments);
	$module_smarty->assign('NAVIGATION', $sql_comments->getLinks());
	
} else
	$module_smarty->assign('NO_COMMENTS', '<em>Derzeit sind keine Kommentare vorhanden, schreiben Sie den Ersten.</em>');
	
$module_smarty->assign('FORM_START', draw_form('add_comment', href_link('blog.php', 'blog_cat='.$_GET['blog_cat'].'&blog_item='.$_GET['blog_item'].'&action=save')));

$captcha_site = '_blog';
include('captcha.php');
$module_smarty->assign('CAPTCHA', '<img src="captcha.php?show=true&name=blog" alt="Captcha" id="captcha_image" />');
$module_smarty->assign('INPUT_CAPTCHA', draw_input_field('security_code', '', 'size="6" maxlength="6" style="width:25px; text-align:center" id="security_code"', 'text', false));

$module_smarty->assign('TEXTFIELD', draw_textarea_field('text', '', '40', '6', $text, 'style="width: 442px"'));
if(isset($_SESSION['customer_id']))
	$name = $_SESSION['customer_first_name'].' '.$_SESSION['customer_last_name'];
$module_smarty->assign('NAME', draw_input_field('user_name', $user_name));
$module_smarty->assign('BUTTON_SEND', image_submit('button_send.gif', 'Kommentar abschicken'));
$module_smarty->assign('FORM_END', '</form>');

$module_smarty->caching = false;
$module = $module_smarty->fetch(CURRENT_TEMPLATE.'/module/blog_comments.html');
$module_smarty->assign('COMMENTS', $module);